Summary
Shockingly it wasn't as bad as people fear-mongored last week.
Quotes
The way this is being described in media, including last weeks WAN show is totally misrepresenting how the feature is being implemented. The scanning for CSAM only happens to images stored on iCloud. Google, Facebook, and Microsoft already scan for the same images on their servers. Apple is scanning the images on the phone rather than their servers, but only on images about to be uploaded. The reason Apple is doing it this way is that it requires the database of images that are being searched for is on the device. Explicitly, the list of neural hashes. This allows anyone to verify that Apple is doing what they are claiming to be doing. Contrary to the approaches of Google et al. where the scanning is done server side and it is impossible to verify what they are searching for.
Importantly, none of this applies if you choose not to use iCloud.
Sources
https://www.wsj.com/video/series/joanna-stern-personal-technology/apples-software-chief-explains-misunderstood-iphone-child-protection-features-exclusive/573D76B3-5ACF-4C87-ACE1-E99CECEFA82C?mod=hp_lead_pos7